TITLE OF THE INVENTION 

FILE MANAGEMENT APPARATUS 

This application is based on an application 
5 No. 2000-138642 filed in Japan, the content of which is hereby 
incorporated by reference. 



BACKGROUND OF THE INVENTION 

(1) Field of the Invention 

10 The present invention relates to a file management 

apparatus that encrypts and stores information, to prevent 
third parties from knowing its contents. 

(2) Related Art 

With the widespread use of computers, techniques for 
15 storing information after encrypting the information have 
been generally employed to prevent third parties from knowing 
the contents of the information. 

Japanese Laid-Open Patent Application No. H9-204330 
discloses a technique for encrypting a file in a computer 
20 using an encryption key and storing the encrypted file in 
a specific encrypted information storage area, to allow only 
specific users to have access to the encrypted information 
storage area with registered authentication passwords . Each 
specific user memorizes an authentication password . When the 
25 user inputs the authentication password, a decryption key 
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is automatically selected so as to decrypt the encrypted file. 
Here, the authentication password may be composed of a 
character string or a number that is short enough for a person 
to memorize, and the encryption key and the decryption key 
5 have more bits than the authentication password. 

According to the above technique, however, the 
difficulty still lies in that the user has to memorize the 
authentication password. In case the user forgets the 
authentication password, he or she cannot decrypt the 
10 encrypted file 

SUMMARY OF THE INVENTION 

In view of the above problem, the object of the present 

invention is to provide a file management apparatus that is 
15 capable of managing encrypted information securely, and that 

ensures decryption of the encrypted information even when 

the user forgets a password. 

The above object can be achieved by a file management 

apparatus that encrypts a plaintext to generate a ciphertext, 
20 stores the ciphertext, and decrypts the ciphertext, the file 

management apparatus including: a key storage medium storing 

key information beforehand; a registration unit for 

encrypting the key information using a password to generate 

an encrypted key; an encryption unit for encrypting a plaintext 
25 based on the key information to generate a ciphertext; a switch 

unit for switching between (a) generating key information 
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by decrypting the encrypted key using the password and (b) 
reading the key information from the key storage medium; and 
a decryption unit for decrypting the ciphertext based on one 
of the generated key information and the read key information. 
5 The file management apparatus may further include a memory 
unit, wherein the registration unit receives an input of the 
password, encrypts the key information using the received 
password to generate the encrypted key, and writes the 
generated encrypted key to the memory unit, the encryption 

10 unit encrypts the plaintext using a file key to generate the 
ciphertext, encrypts the file key using the key information 
to generate an encrypted file key, and writes the ciphertext 
in association with the encrypted file key, to the memory 
unit, the switch unit (a) includes a first key obtaining unit 

15 for receiving an input of the password and decrypting the 
encrypted key using the received password to generate the 
key information, and a second key obtaining unit for reading 
the key information from the key storage medium, and (b) obtains 
the key information by one of the first key obtaining unit 

20 and the second key obtaining unit, and the decryption unit 
decrypts the encrypted file key using the obtained key 
information to generate a file key, and decrypts the ciphertext 
using the file key to generate a decrypted text. 

According to this construction, operations are switched 

25 between (a) generating key information by decrypting the 
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encrypted key using the password and (b) reading key 
information from the key storage medium, and the ciphertext 
is decrypted based on the generated key information or the 
read key information* Therefore, the ciphertext can be 
5 decrypted without a password. 

The above obj ect can also be achieved by a file management 
apparatus that encrypts a plaintext to generate a ciphertext, 
stores the ciphertext, and decrypts the ciphertext, the file 
management apparatus including: a key storage medium storing 

10 key information beforehand; a registration unit for encrypting 
a password using the key information to generate an encrypted 
password; an encryption unit for encrypting a plaintext using 
a file key to generate a ciphertext, encrypting the file key 
based on a password obtained by decrypting the encrypted 

15 password to generate a first encrypted file key, and encrypting 
the file key based on the key information to generate a second 
encrypted file key; a switch unit for switching between (a) 
decrypting the first encrypted file key based on the password 
and (b) decrypting the second encrypted file key based on 

20 the key information, to generate a file key; and a decryption 
unit for decrypting the ciphertext using the generated file 
key . 

The file management apparatus may further include a memory 
unit, wherein the registration unit receives an input of the 
25 password, encrypts the received password using the key 
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information to generate the encrypted password, and writes 
the generated encrypted password to the memory unit, the 
encryption unit decrypts the encrypted password using the 
key information to generate the password, encrypts the 
5 plaintext using the file key to generate the ciphertext, 
encrypts the file key using the password to generate the first 
encrypted file key, encrypts the file key using the key 
information to generate the second encrypted file key, and 
writes the ciphertext in association with the first encrypted 

10 file key and the second encrypted file key, to the memory 
unit, the switch unit (a) includes a first key obtaining unit 
for receiving an input of the password and decrypting the 
first encrypted fie key using the received password, and a 
second key obtaining unit for decrypting the second encrypted 

15 file key using the key information, and (b) obtains the file 
key by one of the first key obtaining unit and the second 
key obtaining unit, and the decryption unit decrypts the 
ciphertext using the obtained file key to generate a decrypted 
text . 

20 According to this construction, operations are switched 

between (a) decrypting the encrypted file key based on the 
password and (b) decrypting an encrypted file key based on 
the key information, to generate a file key, and the ciphertext 
is decrypted based on the file key. Therefore, the ciphertext 

25 can be decrypted without a password. 
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BRIEF DESCRIPTION OF THE DRAWINGS 

These and other objects, advantages and features of the 
invention will become apparent from the following description 
5 thereof taken in conjunction with the accompanying drawings 
that illustrate a specific embodiment of the invention. In 
the drawings : 

Fig . 1 shows an appearance of a file management apparatus 
relating to a first embodiment of the present invention; 
10 Fig. 2 is a block diagram showing a construction of the 

file management apparatus; 

Fig. 3 is a flowchart showing an operation of a password 
registration unit in the first embodiment; 

Fig. 4 is a flowchart showing an operation of a file 
15 encryption unit in the first embodiment; 

Fig. 5 is a flowchart showing an operation of a file 
decryption unit in the first embodiment; 

Fig. 6 shows an example of a user ID table; 
Fig. 7 is a flowchart showing an operation of the file 
20 management apparatus when a password is changed; 

Fig. 8 is a flowchart showing an operation of the file 
management apparatus when key information is changed; 

Fig. 9 shows an example of data structure of an encrypted 
file in the first embodiment; 
25 Fig. 10 is a block diagram showing a construction of 
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a file apparatus relating to a second embodiment of the present 
invention; 

Fig. 11 is a flowchart showing an operation of a password 
registration unit in the second embodiment; 
5 Fig. 12 is a flowchart showing an operation of a file 

encryption unit in the second embodiment; 

Fig. 13 is a flowchart showing an operation of a file 
decryption unit in the second embodiment; 

Fig. 14 is a flowchart showing an operation of the file 
10 management apparatus when a password is changed; 

Fig. 15 is a flowchart showing an operation of the file 
management apparatus when key information is changed; 

Fig. 16 is a flowchart showing an operation when a key 
storage medium is lost in the second embodiment. To be 
15 continued to Fig. 17; 

Fig. 17 is a flowchart showing the operation when the 
key storage medium is lost in the second embodiment. To be 
continued to Fig. 18; and 

Fig. 18 is a flowchart showing the operation when the 
20 key storage medium is lost in the second embodiment . Continued 
from Fig . 17 . 

DESCRIPTION OF THE PREFERRED EMBODIMENTS 

The following is an explanation of preferred embodiments 
25 of the present invention, with reference to the drawings. 
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1. First Embodiment 

The following is an explanation of a file management 
apparatus 10 relating to a first embodiment of the present 
invention* 

5 Fig. 1 shows an appearance of the file management 

apparatus 10, As shown in the figure, the file management 
apparatus 10 is a computer system that is roughly composed 
of a microprocessor, a ROM, a RAM, a hard disc unit, a display 
unit, and a keyboard. The RAM or the hard disk unit stores 

10 a computer program. The functions of the file management 
apparatus 10 are realized by the microprocessor operating 
according to the computer program. A key storage medium 20 
which stores key information beforehand is equipped in the 
file management apparatus 10. 

15 1.1 Constructions of the File Management Apparatus 10 and 
the Key Storage Medium 2 0 

The following is an explanation of the constructions 
of the file management apparatus 10 and the key storage medium 
20. 

20 As shown in Fig. 2, the file management apparatus 10 

includes a password registration unit 100, a file encryption 
unit 200, a file decryption unit 300, and a storage unit 400, 
and the key storagemedium20 is connected to the f ilemanagement 
apparatus 10. 

25 The password registration unit 100 includes a password 
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input unit 101 and an encryption unit 102 . The file encryption 
unit 200 includes a file key generation unit 201, an encryption 
unit 202, and an encryption unit 203. The file decryption 
unit 300 includes a password input unit 301, a decryption 
5 unit 302, a switch unit 303, a decryption unit 304, and a 
decryption unit 305. 

(1) Key Storage Medium 2 0 

The key storage medium 20 is a portable storage medium 
having a storage area made up of a nonvolatile semiconductor 
10 memory. The storage area stores 56-bit key information 
beforehand. 

The key information is unique to a user, and the user 
usually possesses the key storage medium 20. To operate the 
file management apparatus 10, the user inserts the key storage 
15 medium 20 in a special drive equipped with the file management 
apparatus 10, to connect the key storage medium 20 to the 
file management apparatus 10. 

(2) Storage Unit 400 

The storage unit 400 is constructed of a hard disc unit, 
20 and is internally equipped with a storage area for storing 
information as files . Each file is identified by a file name . 

The storage unit 400 stores a plaintext file 401 
beforehand, the plaintext 401 storing a plaintext. 

(3) Password Input Unit 101 

25 The password input unit 101 receives an input of a 
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password from the user. Here, the password is a string of 
eight characters composed of numerals and alphabets. The 
password input unit 101 outputs the received password to the 
encryption unit 102. 
5 (4) Encryption Unit 102 

The encryption unit 102 receives the password from the 
password input unit 101. On receipt of the password, the 
encryption unit 102 reads the key information from the storage 
area of the key storage medium 20, adds a plurality of zero 

10 bits to the end of the password to make it 56 bits long, and 
adds a plurality of zero bits to the end of the key information 
to make the key information 64 bits long. Following this, 
the encryption unit 102 subjects the key information to the 
encryption algorithm El using the password as a key to generate 

15 an encrypted key. Here, the encryption algorithm El complies 
with Data Encryption Standard (DES) . Note that DES is 
well-known, and so it is not explained here. 

In a block diagram in Fig. 2, a key mark near a line 
connecting the password input unit 101 and the encryption 

20 unit 102 indicates that the encryption unit 102 uses the 
password outputted from the password input unit 101 as a key. 
The same applies to other encryption and decryption units 
in Fig. 2, and to encryption and decryption units in Fig. 
10. 

25 The encryption unit 102 then writes the generated 
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encrypted key as a file to the storage unit 400. 

(5) File Key Generation Unit 201 

The file key generation unit 201 is internally equipped 
with a random number generation unit and a timer, and so 
5 generates a 56-bit random number, acquires the current time 
expressed by year, month, day, hour, minute, second, and 
millisecond, takes an exclusive-OR of the generated random 
number and the acquired current time so as to generate a file 
key that is 56 bits long, and outputs the generated file key 
10 to the encryption unit 202 and the encryption unit 203. 

(6) Encryption Unit 203 

The encryption unit 203 receives the user designation 
of a file name of the plaintext file 401 stored in the storage 
unit 400, and reads the plaintext file 401 identified by the 
15 file name from the storage unit 400, Also, the encryption 
unit 203 receives the file key from the file key generation 
unit 201. 

The encryption unit 203 then subjects a plaintext 
included in the plaintext file 401 to the encryption algorithm 

20 E3 using the received file key as a key, to generate a ciphertext . 
The encryption unit 203 then writes an encrypted file 404 
to the storage unit 400. The encrypted file 404 is composed 
of a header part, and a data part that includes the generated 
ciphertext. It should be noted here that the encryption 

25 algorithm E3 complies with DES . 



11 



Here, when the plaintext is at least 64 bits long, the 
encryption unit 203 divides the plaintext into a plurality 
of plaintext blocks, each plaintext block being 64 bits long. 
The encryption unit 203 then subjects each plaintext block 
5 to the encryption algorithm E3 to generate a ciphertext block, 
and concatenates each generated ciphertext block to form a 
ciphertext . 

(7) Encryption Unit 202 

The encryption unit 202 reads the key information from 
10 the key storage medium 20, receives the file key from the 
file key generation unit 201, and adds a plurality of zero 
bits to the end of the file key so as to make the file key 
64 bits long. 

The encryption unit 202 then subjects the file key to 
15 the encryption algorithm E2 using the read key information 
as a key to generate an encrypted file key, and writes the 
generated encrypted file key into the header part of the 
encrypted file 404 in the storage unit 400 . It should be noted 
here that the encryption algorithm E2 complies with DES . 
20 (8) Switch Unit 303 

The switch unit 303 receives an input of either a first 
type or a second type from the user. The first type indicates 
to decrypt a ciphertext using a password, and the second type 
indicates to decrypt a ciphertext using key information. 
25 When the input of the first type is received, the switch 
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unit 303 receives the key information from the decryption 
unit 302, and outputs the received key information to the 
decryption unit 304. When the input of the second type is 
received, the switch unit 303 reads the key information from 
5 the key storage medium 20, and outputs the read key information 
to the decryption unit 304. 

(9) Password Input Unit 301 

The password input unit 301, as the password input unit 
101, receives the input of the password from the user and 
10 outputs the received password to the decryption unit 302. 

(10) Decryption Unit 302 

The decryption unit 302 receives the password from the 
password input unit 301, reads the encrypted key from the 
storage unit 400, adds a plurality of zero bits to the end 

15 of the password so as to make the password 56 bits long, and 
subjects the read encrypted key to the decryption algorithm 
Dl using the password as a key to generate key information. 
It should be noted here that the decryption algorithm Dl 
complies with DES, and is to perform the inverse conversion 

20 to the encryption algorithm El. 

Following this, the decryption unit 302 deletes the bit 
string of the generated key information except the first 56 
bits, and outputs the 56-bit key information to the switch 
unit 303. 

25 (11) Decryption Unit 304 
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The decryption unit 304 receives the key information 
from the switch unit 303, reads the encrypted file key included 
in the header part of the encrypted file 404 in the storage 
unit 400, and subjects the read encrypted file key to the 
5 decryption algorithm D2 using the received key information 
as a key to generate a fie key. It should be noted here that 
the decryption algorithmD2 complies with DES, and is toperf orm 
the inverse conversion to the encryption algorithm E2 . 

The decryption unit 304 then deletes the bit string of 

10 the generated file key except the first 56 bits, and outputs 
the 56-bit file key to the decryption unit 305 . 
(12) Decryption Unit 305 

The decryption unit 305 receives the file key from the 
decryption unit 304, reads the ciphertext included in the 

15 data part of the encrypted file 404 in the storage unit 400, 
and subjects the read ciphertext to the decryption algorithm 
D3 using the received file key as a key to generate a decrypted 
text* It should be noted here that the decryption algorithm 
D3 complies with DES, and is to perform the inverse conversion 

20 to the encryption algorithm E3. 

Here, when the ciphertext is at least 64 bits long, the 
decryption unit 305 divides the ciphertext into a plurality 
of ciphertext blocks, each ciphertext block being 64 bits 
long. The decryption unit 305 then subjects each ciphertext 

25 block to the decryption algorithm D3 to generate a decrypted 
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text block, and concatenates each generated decrypted text 
block to form a decrypted text. 

Following this, the decryption unit 30 5 writes a decrypted 
text file 402 including the generated decrypted text to the 
5 storage unit 400. 

1.2 Operation of the File Management Apparatus 10 

The following is an explanation of the operation of the 
file management apparatus 10. 

(1) Operation of the Password Registration Unit 100 

10 The following is an explanation of the operation of the 

password registration unit 100, with reference to a flowchart 
shown in Fig. 3. 

The password input unit 101 receives an input of a 
password from the user, and outputs the received password 

15 to the encryption unit 102 (step S101) . 

The encryption unit 102 then reads key information from 
the storage area of the key storage medium 20 (step S102) , 
subjects the read key information to the encryption algorithm 
El using the password as a key to generate an encrypted key 

20 (step S103) , and writes the generated encrypted key as a file 
to the storage unit 400 (step S104) . 

(2) Operation of the File Encryption Unit 200 

The following is an explanation of the operation of the 
file encryption unit 200, with reference to a flowchart shown 
25 in Fig. 4. 
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The file key generation unit 201 generates a file key 
(step S121) . Following this, the encryption unit 203 reads 
the plaintext file 401 from the storage unit 400, subjects 
a plaintext stored in the plaintext file 401 to the encryption 
5 algorithm E3 using the generated file key as a key to generate 
a ciphertext (step S122), and writes the encrypted file 404 
including the generated ciphertext in the data part thereof, 
to the storage unit 400 (step S123) . 

Following this, the encryption unit 202 reads key 

10 information from the key storage medium 20, receives the file 
key from the file key generation unit 2 01 , subj ects the received 
file key to the encryption algorithm E2 using the read key 
information as a key to generate an encrypted file key (step 
S124), and writes the generated encrypted file key into the 

15 header part of the encrypted file 404 in the storage unit 
400 (step S125) . 

(3) Operation of the File Decryption Unit 300 

The following is an explanation of the operation of the 
file decryption unit 300, with reference to a flowchart shown 
20 in Fig. 5. 

The switch unit 303 receives an input of either the first 
type or the second type from the user (step S141) . 

When the switch unit 303 receives the input of the first 
type (step S142), the password input unit 301 receives an 
25 input of a password from the user and outputs the received 
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password to the decryption unit 302 (step S144) . The 
decryption unit 302 reads an encrypted key from the storage 
unit 400, subjects the read encrypted key to the decryption 
algorithm Dl using the password as a key to generate key 
information, and outputs the generated key information to 
the decryption unit 304 via the switch unit 303 (step S145) . 

When the switch unit 303 receives the input of the second 
type (step S142), the switch unit 303 reads key information 
from the key storage medium 20, and outputs the read key 
information to the decryption unit 304 (step S143) . 

Following this, the decryption unit 304 receives the 
key information from the switch unit 303, reads an encrypted 
file key included in the header part of the encrypted file 
404 in the storage unit 400, and subjects the read encrypted 
file key to the decryption algorithm D2 using the received 
key information as a key to generate a file key (step S146) . 
The decryption unit 305 reads a ciphertext included in the 
data part of the encrypted file 404 in the storage unit 400, 
subjects the read ciphertext to the decryption algorithm D3 
using the file key as a key to generate a decrypted text (step 
S147), and writes the decrypted text file 402 including the 
generated decrypted text, to the storage unit 400 (step S148) . 
1.3 Conclusions 

As described above, the file management apparatus 10 
has the three functions : password registration; plaintext 
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encryption; and ciphertext decryption. 

For registering a password, the user loads the key storage 
medium 20 on the file management apparatus 10, and inputs 
a password to be registered- The password registration unit 
100 encrypts key information using the input password, and 
stores the generated encrypted key as a file in the computer. 

For encrypting aplaintext, the user loads the key storage 
medium 20 on the file management apparatus 10, and designates 
a file to be encrypted. Here, a password does not need to 
be inputted for encrypting each plaintext, which makes the 
encryption processing easier for the user. The file 
encryption unit 200 generates a file key arbitrarily, encrypts 
the generated file key using the key information to generate 
an encrypted file key, encrypts information stored in the 
file using the generated file key to generate a ciphertext, 
and writes an encrypted file to the storage unit 400, the 
encrypted file including the encrypted file key in the header 
part thereof and the ciphertext in the data part thereof. 

For decrypting a ciphertext, there are two methods, one 
using key information and the other using a password. When 
using key information, the file decryption unit 300 decrypts 
an encrypted file key obtained from the header part of the 
encrypted file using the key information, to obtain a file 
key. The file decryption unit 300 then decrypts a ciphertext 
using the obtained file key as a key. When using a password, 
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the file decryption unit 300 receives an input of a password 
from the user, decrypts an encrypted key using the received 
password to obtain key information, decrypts an encrypted 
file key using the key information to obtain a file key, and 
5 finally decrypts a ciphertext using the file key as a key 
to obtain the plaintext. 

According to the above construction of the file 
management apparatus 10, encrypted information is usually 
decrypted using key information, and when the user fails to 
10 bring a key storage medium storing key information, encrypted 
information can be decrypted using a password as described 
above . 

1.4 Modifications 

Although the present invention has been described based 

15 on the first embodiment, the invention should not be limited 
to such. For instance, the file management apparatus 10 may 
be constructed according to the following modifications. 

(1) The password registration unit 100 may further 
receive an input of a user identifier (user ID) that identifies 

20 the user, and write the encrypted key, in association with 
the user identifier, into a user ID table in the storage unit 
400 . Fig. 6 shows an example of the user ID table. The user 
ID table has an area for storing a plurality of pairs each 
composed of an user ID and an encrypted key. In this case, 

25 the file decryption unit 300 receives an input of a user ID, 
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and then decrypts an encrypted key that is associated with 
the input user ID in the user ID table. 

With this construction, a plurality of users can use 
the file management apparatus 10. 
5 (2) The following is an explanation of the operation 

of the file management apparatus 10 when a password is changed, 
with reference to a flowchart shown in Fig. 7. 

The file management apparatus 10 further includes a 
deletion unit for deleting the encrypted key stored in the 

10 storage unit 400 (step S161) . 

The password input unit 101 in the password registration 
unit 100 receives an input of a new password from the user, 
and outputs the received new password to the encryption unit 
102 (step S162) . The encryption unit 102 then reads key 

15 information from the storage area of the key storage medium 
20 (step S163) , subjects the read key information to the 
encryption algorithm El using the new password as a key, to 
obtain a new encrypted key (stepS164) , andwritesthe generated 
new encrypted key as a file to the storage unit 400 (step 

20 S165) . 

In the above described way, a new encrypted key is 
generated when the password is changed. 

(3) For preventing encrypted information from being 
decrypted using a password, the only thing to do is to delete 
25 the encrypted key that has been encrypted using the password. 
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(4) The following is an explanation of the operation 
of the file management apparatus 10 when key information is 
updated, with reference to a flowchart shown in Fig, 8. 

The key storage medium 20 stores new key information 
5 beforehand, instead of the key information employedpreviously 
(referred to as old key information) . 

The password input unit 101 receives an input of a 
password that is the same as the password received previously 
(step S181) • The encryption unit 102 subjects the encrypted 

10 key (hereafter referred to as the old encrypted key) to the 
decryption algorithm Dl using the received password as a key 
to generate key information that is the same as the old key 
information (step S182), reads the new key information from 
the key storagemedium20, subjects the readnew key information 

15 to the encryption algorithm El using the password as a key 
to generate a new encrypted key (step S183) , and updates the 
old encrypted key stored in the storage unit 400 to the generated 
new encrypted key (step S184) . 

The file encryption unit 200 then reads the encrypted 

20 file key generated previously (hereafter referred to as the 
old encrypted file key) from the storage unit 400 , and subjects 
the old encrypted file key to the decryption algorithm D2 
using the old key information as a key, to generate a file 
key (step S185) , reads the new key information from the key 

25 storage medium 20, subjects the file key to the encryption 
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algorithm E2 using the new key information as a key to generate 
a new encrypted file key (step S186) , and updates the old 
encrypted file key in the encrypted file to the new encrypted 
file key (step S187) . 
5 In this way, for updating key information, the key 

information before being updated is first obtained using the 
old encrypted key and the password. An encrypted file key 
included in the header is then decrypted using the old key 
information to obtain a file key. Following this, the file 
10 key is encrypted using the new key information, and the 

encrypted file key is updated. Here, the encrypted key is 
updated, too. 

Note in the present embodiment, when key information 
is lost, the key information cannot be made temporarily 
15 invalid. 

(5) When encrypting a plaintext, the file encryption 
unit 200 may add encryption information to the header part 
of the encrypted file, the encryption information indicating 
that the plaintext has been encrypted. In this case, when 
20 key information is updated, the file encryption unit 200 may 
retrieve the encrypted file key in the encrypted file 404 
to whose header the encryption information has been added, 
and generate a file key from the retrieved encrypted file 
key. 

25 Also, the password registration unit 100 may receive 
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an input of a user ID that identifies the user, and the file 
encryption unit 200 may additionally write the user ID to 
the encrypted file that includes the ciphertext and the 
encrypted file key. In this case, when key information is 
updated, the file encryption unit 200 may retrieve the 
encrypted file key in the encrypted file to which the user 
ID has been added, and generate a file key from the retrieved 
encrypted file key. 

Also, the file encryption unit 200 may write the user 
ID and a file identifier that identifies the encrypted file 
including the ciphertext and the encrypted file key, in 
association with each other, as a unified file, to the storage 
unit 400. In this case, the file encryption unit 200 may 
extract the file identifier that is associated with the user 
ID from the unified file, identify the encrypted file key 
included in the file identified by the extracted file 
identifier, and generate a file key from the identified 
encrypted file key. 

Alternatively, the file encryption unit 200 may write 
(a) encryption information indicating that the plaintext has 
been encrypted and (b) a file identifier that identifies the 
encrypted file including the ciphertext and the encrypted 
file key, in association with each other, as a unified file, 
to the storage unit 400. In this case, the file encryption 
unit 200 may extract the file identifier that is associated 
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with the encryption information from the unified file, 
identify the encrypted file key included in the file identified 
by the extracted file identifier, and generate a file key 
from the identified encrypted file key. 
5 (6) In the above embodiment , the encrypted key is stored 

in one computer system, and so decryption of a ciphertext 
using a password is made only possible within the computer 
system. To enable the decryption of the ciphertext using the 
password in another computer system, the encrypted key may 

10 be stored in a portable storage medium, and may be inputted 
into the other computer system. 

Here, the password registration unit 100 in the computer 
system writes the encrypted key to a portable storage medium 
such as a SD memory card. Also, the user writes the encrypted 

15 file to another portable storage medium. The user then loads 
the portable storage medium to which the encrypted key has 
been written, and the portable storage medium to which the 
encrypted file has been written, on the other computer system, 
so that a file decryption unit in the other computer system 

20 reads the encrypted key from the portable storage medium, 
decrypts the read encrypted key, and also, reads the encrypted 
file from the portable storage medium, and decrypts the read 
encrypted file. 

It should be noted here that the encrypted key and the 

25 encrypted file may be written to one portable storage medium 
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as separate files. 

(7) The password registration unit 100 may read key 
information from the key storage medium 20, subject the read 
key information to a hash algorithm to generate first 
5 authentication information, and write the generated first 
authentication information in association with the encrypted 
key, to the storage unit 400 . In this case, the file decryption 
unit 300 may read the encrypted key and the first authentication 
information from the storage unit 400, decrypt the encrypted 

10 key to generate key information, and subject the generated 
key information to the hash algorithm that was used in the 
above encryption, to generate second authentication 
information. Following this, the file decryption unit 300 
may compare the first authentication information and the 

15 second authentication information to see if they match. If 
they do not match, the encrypted key is judged to have been 
altered, or if they match, the encrypted key is judged not 
to have been altered. 

The file encryption unit 200 may also generate first 

20 authentication information from a file key in the same way 
as described above, and writes the generated first 
authentication information in association with the encrypted 
file key, to the storage unit 400. The file decryption unit 
300 may read the first authentication information and the 

25 file key, generate second authentication information from 
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the read file key in the same way as described above, and 
compare the read first authentication information with the 
generated second authentication information, to detect an 
alteration of the file key if any. Also, an alteration of 
5 a plaintext can be detected in the same manner as described 
above . 

(8) The password registration unit 100 may write the 
key information and the encrypted key, in association with 
each other, as one file to the storage unit 400. 

10 As one example shown in Fig, 9, the file encryption unit 

200 writes the encrypted key and the encrypted file key to 
the header part of the encrypted file 404a, and the ciphertext 
to the data part of the encrypted file 404a in the storage 
unit 400b. In this case, the file decryption unit 300 reads 

15 the encrypted key from the header part of the encrypted file 
404a, instead of reading the encrypted key from the file 403 
in the storage unit 400. 

By storing the encrypted key to a header part of each 
encrypted file, a ciphertext stored therein can be decrypted 

20 only using a password if the encrypted file is transferred 
to another computer. It should be noted here, however, when 
the password is changed, the encrypted key in the header part 
of each concerned encrypted file needs to be updated. Also, 
storing the encrypted key and the key information required 

25 for encrypting a plaintext into one storage medium serves 
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as convenient. 

(9) The file encryption unit 200 may further receive 
an input of a user indication, the user indication showing 
whether an encrypted key and a ciphertext are to be stored 

5 in association with each other into one encrypted file. When 
the indication shows that the encrypted key and the ciphertext 
are to be stored in association with each other into one 
encrypted file, the file encryption unit 200 writes the 
encrypted key to the header part of the encrypted file, and 
10 the ciphertext to the data part of the encrypted file. 

It should be noted here that an encrypted file that does 
not store an encrypted key cannot be decrypted only with a 
password unless the encrypted key is stored separately. 

(10) The password registration unit 100 may write the 
15 generated encrypted key to the key storage medium 20 instead 

of to the storage unit 400. 
2. Second Embodiment 

The following is an explanation of a file management 
apparatus 10b relating to a second embodiment of the present 
20 invention. 

The file management apparatus 10b is a computer system 
on which the key storage medium 20 is loaded, as the file 
management apparatus 10. 

2.1 Constructions of the File Management Apparatus 10b and 
25 the Key Storage Medium 20 
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The following is an explanation of the constructions 
of the file management apparatus 10b and the key storage medium 
20. 

The file management apparatus 10b includes a password 
5 registration unit 100b, a file encryption unit 200b, a file 
decryption unit 300b, and a storage unit 400b, and the key 
storage medium 20 is connected to the file management apparatus 
10b as shown in Fig, 10. 

The password registration unit 100b includes a password 

10 input unit 101b and an encryption unit 102b. The file 

encryption unit 200b includes a file key generation unit 201b, 
an encryption unit 202b, an encryption unit 203b, an encryption 
unit 204b, and a decryption unit 205b. The file decryption 
unit 300b includes a password input unit 301b, a decryption 

15 unit 302b, a switch unit 303b, a decryption unit 304b, and 
a decryption unit 305b. The following explanation focuses 
on the differences from the construction of the file management 
apparatus 10. 

(1) Storage Unit 400b 

20 The storage unit 400b, as the storage unit 400, stores 

a plaintext file 401b beforehand, the plaintext file 401b 
storing a plaintext. 

(2) Password Input Unit 101b 

The password input unit 101b, as the password input unit 
25 101, receives an input of a password, and outputs the received 
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password to the encryption unit 102b. 

(3) Encryption Unit 102b 

The encryption unit 102b, as the encryption unit 102, 
reads key information from the key storage medium 20, subjects 
5 the password received from the password input unit 101b to 
the encryption algorithm El using the read key information 
to generate an encrypted password, and writes the generated 
encrypted password as a file, to the storage unit 400b. 

(4) File Key Generation Unit 201b 

10 The file key generation unit 201b, as the file key 

generation unit 201, generates a file key, and outputs the 
generated file key to the encryption unit 202b, the encryption 
unit 203b, and the encryption unit 204b. 

(5) Decryption Unit 205b 

15 The decryption unit 205b reads the encrypted password 

stored in the storage unit 400b, and reads the key information 
from the key storage medium 20 . The decryption unit 205b then 
subjects the read encrypted password to the decryption 
algorithm Dl using the read key information to generate a 

20 password, and outputs the generated password to the encryption 
unit 202b. 

(6) Encryption Unit 203b 

The encryption unit 203b, as the encryption unit 203, 
reads the plaintext file 401b from the storage unit 400b, 
25 and receives the file key from the file key generation unit 
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201b. 

The encryption unit 203b then subjects a plaintext 
included in the plaintext file 401b to the encryption algorithm 
E3 using the received file key as a key to generate a ciphertext, 
5 and writes an encrypted file 404b including the generated 
ciphertext in the data part thereof, to the storage unit 400. 

(7) Encryption Unit 202b 

The encryption unit 202b receives the password from the 
decryption unit 205b and the file key from the file key 

10 generation unit 2 01b . The encryption unit 2 02b then subjects 
the received file key to the encryption algorithm E2 using 
the received password as a key to generate a first encrypted 
file key, and writes the generated first encrypted file key 
to the header part of the encrypted file 404b in the storage 

15 unit 400b. 

(8) Encryption Unit 204b 

The encryption unit 204b reads the key information from 
the key storage medium 20, receives the file key from the 
file key generation unit 201b. The encryption unit 204b then 

20 subjects the file key to the encryption algorithm E4 using 
the read key information as a key to generate a second encrypted 
file key, and writes the generated second encrypted file key 
to the header part of the encrypted file 404b in the storage 
unit 400b. It should be noted here that the encryption 

25 algorithm E4 complies with DES. 
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(9) Switch Unit 303b 

The switch unit 303b receives an input of either a first 
type or a second type from the user. The first type indicates 
to decrypt a ciphertext using a password, and the second type 
indicates to decrypt a ciphertext using key information. 

When the input of the first type is received, the switch 
unit 303b receives the file key from the decryption unit 302b, 
and outputs the received file key to the decryption unit 305b. 
When the input of the second type is received, the switch 
unit 303b receives the file key from the decryption unit 304b, 
and outputs the received file key to the decryption unit 305b. 

(10) Password Input Unit 301b 

The password input unit 301b, as the password input unit 
101, receives an input of a password from the user, and outputs 
the received password to the decryption unit 302b. 

(11) Decryption Unit 302b 

The decryption unit 302b receives the password from the 
password input unit 301b, reads the first encrypted file key 
included in the header part of the encrypted file 404b in 
the storage unit 400b. The decryption unit 302b then subjects 
the read first encrypted file key to the decryption algorithm 
D2 using the read password as a key to generate a file key, 
and outputs the generated file key to the switch unit 303b. 

(12) Decryption Unit 304b 

The decryption unit 304b reads the key information from 
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the key storage medium 20, reads the second encrypted file 
key included in the header part of the encrypted file 404 
in the storage unit 400b, and subjects the read second encrypted 
file key to the decryption algorithm D4 using the read key 
5 information as a key to generate a fie key. Here, the 

decryption algorithm D4 complies with DES, and is to perform 
the inverse conversion to the encryption algorithm E4. 

The decryption unit 304b outputs the generated file key 
to the switch unit 303b. 

10 (13) Decryption Unit 305b 

The decryption unit 305b receives the file key from the 
decryption unit 304b, reads a ciphertext included in the data 
part of the encrypted file 404b in the storage unit 400, and 
subjects the read ciphertext to the decryption algorithm D3 

15 using the received file key as a key to generate a decrypted 
text. The decryption unit 305b writes a decrypted text file 
402b including the generated decrypted text to the storage 
unit 400. 

2.2 Operation of the File Management Apparatus 100b 
20 The following is an explanation of the operation of the 

file management apparatus 10b. 

(1) Operation of the Password Registration Unit 100b 

The following is an explanation of the operation of the 
password registration unit 100b, with reference to a flowchart 
25 shown in Fig. 11. 
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The password input unit 101b receives an input of a 
password from the user, and outputs the received password 
to the encryption unit 102b (step S201) . 

The encryption unit 102b then reads key information from 
5 the storage area of the key storage medium 20 (step S202), 
subjects the password to the encryption algorithm El using 
the key information as a key to generate an encrypted password 
(step S203), and writes the generated encrypted password as 
a file, to the storage unit 400b (step S204) . 
10 (2) Operation of the File Encryption Unit 200b 

The following is an explanation of the operation of the 
file encryption unit 200b, with reference to a flowchart shown 
in Fig, 12. 

The decryption unit 205b reads an encrypted password 
15 stored in the storage unit 400b, reads key information from 
the key storage medium 20, subjects the read encrypted password 
to the decryption algorithm Dl using the read key information 
to generate a password, and writes the generated password 
to the encryption unit 202b (step S221) . 
20 Following this, the file key generation unit 201b 

generates a file key (step S222) . 

The encryption unit 203b then reads the plaintext file 
4 01b from the storage unit 4 0 0b, subj ects a plaintext included 
in the plaintext file 401b to the encryption algorithm E3 
25 using the file key as a key to generate a ciphertext (step 
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S223), and writes the encrypted file 404b including the 
generated ciphertext in the data part thereof, to the storage 
unit 400b (step S224). 

Following this, the encryption unit 202b receives the 
5 password and the file key, and subjects the file key to the 
encryption algorithm E2 using the password as a key to generate 
a first encrypted file key ( step S225) , and writes the generated 
first encrypted file key to the header part of the encrypted 
file 404b in the storage unit 400b (step S226) . 

10 Following this, the encryption unit 204b receives the 

file key and the key information, subjects the file key to 
the encryption algorithm E4 using the key information as a 
key to generate a second encrypted file key (step S227), and 
writes the generated second encrypted file key to the header 

15 part of the encrypted file 404b in the storage unit 400b (step 
S228) . 

(3) Operation of the File Decryption Unit 300b 

The following is an explanation of the operation of the 
file decryption unit 300b, with reference to a flowchart shown 
20 in Fig. 13. 

The switch unit 303b receives an input of either the 
first type or the second type from the user (step S241). 

When the switch unit 303b receives the input of the first 
type (step S242), the password input unit 301b receives an 
25 input of a password from the user and outputs the received 
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password to the decryption unit 302b (step S245) . The 
decryption unit 302b reads a first encrypted file key from 
the storage unit 400b, subjects the read first encrypted file 
key to the decryption algorithm D2 using the password as a 
5 key to generate a file key, and outputs the generated file 
key to the decryption unit 305b via the switch unit 303b (step 
S246) . 

When the switch unit 303b receives the input of the second 
type (step S242), the decryption unit 304b reads key 

10 information from the key storage medium 20 (step S243) , reads 
a second encrypted file key from the storage unit 4 00b, subjects 
the read second encrypted file key to the decryption algorithm 
D4 using the key information as a key to generate a file key, 
and outputs the file key to the decryption unit 305b via the 

15 switch unit 303b (step S244) • 

Following this, the decryption unit 305b reads a 
ciphertext included in the data part of the encrypted file 
404b in the storage unit 400b, and subjects the read ciphertext 
to the decryption algorithm D3 using the file key as a key 

20 to generate a decrypted text (stepS247), and writes a decrypted 
text file 402b including the generated decrypted text, to 
the storage unit 400b (step S248) . 
2.3 Conclusions 

The file management apparatus 10b has the three 

25 functions : password registration; plaintext encryption; and 
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ciphertext decryption . 

For registering a password, the user loads the key storage 
medium storing key information beforehand, on the file 
management apparatus 10b, and inputs a password to be 
5 registered. The password registration unit 100b encrypts the 
input password using the key information, and stores the 
generated encrypted password in the computer system. In the 
second embodiment, information to be encrypted and a key used 
in the encryption are reversed as compared with those in the 

10 first embodiment. 

For encrypting a plaintext, the user first loads the 
key storagemediumon the computer system in which the encrypted 
password is present, and designates a file to be encrypted. 
The file encryption unit 200b first decrypts the encrypted 

15 password using the key information so as to obtain a password. 
Following this, the file encryption unit 200b encrypts a 
generated file key using the password, to generate a first 
encrypted file key. Also, the file encryption unit 200b 
encrypts the file key using the key information to generate 

20 a second encrypted file key. The file encryption unit 200b 
then encrypts information stored in the file using the file 
key to generate a ciphertext, and writes an encrypted file 
including the first encrypted file key and the second encrypted 
file key in the header part thereof, and the ciphertext in 

25 the data part thereof, to the storage unit 400b. 
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For decrypting a ciphertext, there are two methods, one 
using key information and the other using a password. When 
using key information, the file decryption unit 300b decrypts 
the second encrypted file key acquired from the header part 
5 of the encrypted file 404b using the key information, to obtain 
a file key. The file decryption unit 300b then decrypts the 
ciphertext using the obtained file key as a key. When using 
a password; the file decryption unit 300b receives an input 
of the password from the user, decrypts the first encrypted 

10 file key using the received password to obtain a file key, 
and decrypts the ciphertext using the file key as a key to 
obtain the original plaintext. 
2.4 Modification 

Although the present invention has been described based 

15 on the second embodiment, the invention should not be limited 
to such. For instance, the file management apparatus 10b may 
be constructed according to the following modifications. 

(1) The password registration unit 100b may further 
receive an input of a user ID that identifies the user, and 

20 store the encrypted password in association with the user 
ID, in a specific computer system. In this case, the file 
decryption unit 200b receives an input of a user ID, and then 
decrypts an encrypted password that is associated with the 
input user ID. 

25 (2) The following is an explanation of the operation 
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of the file management apparatus 10b when a password is changed, 
with reference to a flowchart shown in Fig. 14. 

The password registration unit 100b reads key 
information from the key storage medium 20, reads a second 
encrypted file key from the encrypted file 4 04b, and subjects 
the second encrypted file key to the decryption algorithm 
D4 using the key information as a key to generate a file key 
(step S261) . Following this, the password registration unit 
100b receives an input of a new password from the user (step 
S262), subjects the generated file key to the encryption 
algorithm E2 using the new password as a key to generate a 
new first encrypted file key (step S263) , and updates the 
first encrypted file key in the encrypted file 404b to the 
new first encrypted file key (step S264) . 

(3) For preventing encrypted information from being 
decrypted using a password, the file management apparatus 
10b deletes the first encrypted file key in the encrypted 
file 404b. In this case, decryption using key information 
is available. 

(4) The following is an explanation of the operation 
of the file management apparatus 10b when key information 
is updated, with reference to a flowchart shown in Fig. 15. 

The key storage medium stores new key information 
beforehand, insteadof the key information employedpreviously 
(referred to as old key information) . 
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The file encryption unit 200b receives an input of a 
password that is the same as the password received previously 
(step S281) , reads a first encrypted file key from the encrypted 
file 404b (step S282) , and subjects the first encrypted file 
5 key to the decryption algorithm D2 using the received password 
as a key to generate a file key (step S283) . Following this, 
the file encryption unit 200b reads the new key information 
from the key storage medium, subjects the file key to the 
encryption algorithm E4 using the new key information as a 

10 key to generate a new second encrypted file key (step S284) , 
and updates the second encrypted file key in the encrypted 
file 404b to the new second encrypted file key (step S285) . 

(5) In the above embodiment, the encrypted password is 
stored in a computer system in which a plaintext has been 

15 encrypted to generate a ciphertext, and so decryption of the 
ciphertext using a password is made only possible within the 
computer system. To enable the decryption of the ciphertext 
using the password in another computer system, the encrypted 
key may be stored in a portable storage medium, and inputted 

20 into the other computer system. 

Here, the password registration unit 100b in the computer 
system writes the encrypted password to a portable storage 
medium such as a SD memory card. Also, the user writes the 
encrypted file to another portable storage medium. The user 

25 then loads the portable storage medium to which the encrypted 
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key has been written, and the portable storage medium to which 
the encrypted file has been written, on the other computer 
system, so that a file decryption unit in the other computer 
system reads the encrypted key from the portable storage medium, 
5 decrypts the read encrypted key, and also, reads the encrypted 
file from the portable storage medium, and decrypts the read 
encrypted file. 

It should be noted here that the encrypted key and the 
encrypted file may be written to one portable storage medium 

10 as separate files • 

( 6) When encrypting aplaintext to generate a ciphertext, 
the file encryption unit 200b may add various information 
to the header part of the encrypted file, the various 
information including encryption information indicating that 

15 the plaintext has been encrypted, and a user ID for the key 
information • In this case, when key information or a password 
is updated, the file encryption unit 200b may retrieve the 
encrypted file with reference to the additional information, 
such as encryption information indicating that the plaintext 

20 has been encrypted and a user ID for the key information, 
in procedures described in the items (2) or (4) . Instead of 
writing such additional information to the header part of 
each encrypted file, the file encryption unit 200b may write 
such additional information for each encrypted file, to one 

25 unified file. In this case, the file encryption unit 200b 
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retrieves each concerned encrypted file from the unified file 
in procedures described in the items (2) or (4). 

(7) When encrypting aplaintext to generate a ciphertext, 
the file encryption unit 200b may further receive an input 
of a user indication, and determine whether to store a first 
encrypted file key into the header part of the encrypted file, 
according to the content of the user indication. When the 
first encrypted file key is determined to be stored, it is 
stored in the header part of the encrypted file as described 
above* When the first encrypted file key is determined not 
to be stored, neither generation nor storing of the first 
encrypted file key is performed* When the first encrypted 
file key is stored in the encrypted file, the ciphertext can 
be decrypted using a password. When the first encrypted file 
key is not stored in the encrypted file, the ciphertext is 
prohibited from being decrypted using a password. 

(8) For prohibiting a ciphertext from being decrypted 
using key information in a case where the user loses the key 
information, the file management apparatus 10b deletes a 
second encrypted file key. This can prevent unauthorized 
users from decrypting encrypted information by acquiring the 
lost key information. In this way, the key information can 
be made temporarily invalid in the second embodiment, which 
is impossible in the first embodiment. In this case, 
decryption using a password is available. 
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Furthermore, according to the construction described 
in the item (4), the encrypted information can be decrypted 
using a password. Therefore, the user is allowed to have 
access to encrypted files without any inconvenience until 
5 new key information is issued. Also, when the new key 

information is issued, the only thing to do is to update the 
header part of each concerned encrypted file, so that 
decryption of each encrypted file using the new key information 
thereafter becomes possible. 

10 The following is an explanation of operations when the 

user loses the key storage medium, with reference to flowcharts 
shown in Figs. 16 to 18. 

As shown in these flowcharts, key information is made 
temporarily invalid when the user loses the key storage medium 

15 (step S301) . When the user intends to decrypt a ciphertext 
while the key information is being invalid, a decryption 
process using a password is performed (step S302) . 

Next, new key information is issued. When the user is 
provided with a key storage medium storing the new key 

20 information, a new second encrypted file key is generated 
(step S303) , and a normal decryption process is performed 
using the new key information (step S304) . 

The following explains detailed processes performed in 
steps S301 to S304. 

25 In the process for making the key information temporarily 
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invalid in Step S301, the file management apparatus 10b deletes 
the second encrypted file key (step S311). 

In the decryption process using a password in step S302, 
the password input unit 301b receives an input of a password 
5 from the user (step S321), the decryption unit 302b reads 
the first encrypted file key from the storage unit 400b, 
subjects the read first encrypted file key to the decryption 
algorithm D2 using the password as a key to generate a file 
key, and outputs the generated file key to the decryption 

10 unit 305b via the switch unit 303b (step S322) . Following 
this, the decryption unit 305b reads a ciphertext included 
in the data part of the encrypted file 404b in the storage 
unit 400b, and subjects the read ciphertext to the decryption 
algorithm D3 using the file key as a key to generate a decrypted 

15 text (step S323) - The decryption unit 305b then writes the 
decrypted text file 402b including the generated decrypted 
text to the storage unit 400b (step S324) . 

In the new second encrypted file key generation process 
in step S303, the file encryption unit 200b receives an input 

20 of a password that is the same as the password received 
previously (step S331), reads the first encrypted file key 
from the encrypted file 404b (step S332), and subjects the 
first encrypted file key to the decryption algorithm D2 using 
the password as a key to generate a file key (step S333) . 

25 Following this, the file encryption unit 200b reads new key 
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information from the key storage medium, subjects the file 
key to the encryption algorithmE4 using the new key information 
as a key to generate a new second encrypted file key (step 
S334), and updates the second encrypted file key in the 
5 encrypted file 404b to the generated new second encrypted 
file key (step S335) . 

In the normal decryption process using the new key 
information in step S304, the decryption unit 304b reads the 
new key information from the key storage medium (step S341) 

10 and the new second encrypted file key from the storage unit 
400b, subjects the read new second encrypted file key to the 
decryption algorithm D4 using the new key information as a 
key to generate a file key, and outputs the generated file 
key to the decryption unit 305b via the switch unit 303b (step 

15 S342) . Following this, the decryption unit 305b reads a 
ciphertext included in the data part of the encrypted file 
404b in the storage unit 400b, subjects the read ciphertext 
to the decryption algorithm D3 using the file key as a key 
to generate a decrypted text (step S343) , and writes the 

20 decrypted text file 402b including the generated decrypted 
text to the storage unit 400b (step S344). 

(9) The file decryption unit 300b may require both key 
information and a password for decrypting a ciphertext. 

Also, a first encrypted file key and a second encrypted 

25 file key each may be decrypted using both a password and key 
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information, to generate two file keys, and an alteration 
in the header part of the encrypted file may be detected by 
judging whether the generated two file keys match or not. 
(10) As in the first embodiment, authentication 

5 information may be added to an encrypted password, a first 
encrypted file key, a second encrypted file key, and a 
ciphertext, so that the authentication information can be 
utilized for detecting an alteration of each of the encrypted 
password, the first encrypted file key, the second encrypted 

10 file key, and the ciphertext. 
3. Conclusions 

According to the present invention as described above, 
encryption and decryption of a file using key information 
accompanying a computer becomes possible. In addition, 

15 decryption of the file only using a password that has been 
registered beforehand and stored securely in the computer 
is possible if indicated at the time of the encryption. The 
password does not need to be set each time a file is encrypted. 
Also, the present invention provides structures for making 

20 decryption using a password temporarily invalid, or easily 
changing the password, in case the user forgets the password. 
Also, the present invention further provides structures for 
making key information temporarily invalid in case the user 
loses the key information . When new key information is issued, 

25 a file that has encrypted with the lost key information can 
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be decrypted using the new key information merely by updating 
the header part of the encrypted file. Also, by storing an 
ID for key information or for a password in a header part 
of each encrypted file or in a unified management file, each 
5 encrypted file that requires a change in accordance with 
updating key information or a password can be retrieved* 

As described above, the present invention provides a 
file encryption/decryption system that satisfies the 
following conditions . 
10 (1) Encryption of a file is performed using key 

information stored in a storage medium such as an IC card. 
Once a password is registered beforehand, it is not necessary 
to input a password every time encryption is performed. 

(2) Decryption of a file is normally performed using 
15 the key information. Also, the decryption of the file using 

the password registered beforehand is made possible by a user 
indication at the time when the file is encrypted. 

(3) The system comprises a structure allowing a password 
to be changed easily. 

20 (4) The system comprises a structure that makes key 

information temporarily invalid when the key information is 
lost, a structure allowing, when new key information is issued, 
an encrypted file that has been encrypted using the key 
information, to be handled with the new key information, and 

25 a structure that easily retrieves an encrypted file to be 
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changed due to the change of the key information. 
4. Other Modifications 

Although the present invention has been described based 
on the above embodiments , the invention should not be limited 
5 to such* For example, the following modifications are 
possible • 

(1) In the above embodiments, DES is employed as the 
decryption/encryption algorithm. However, other 
decryption/encryption algorithms may instead be employed. 

10 (2) The present invention also applies to the method used 

by the apparatuses described above* This method may be 
realized by computer programs that are executed by computers . 
Such computer programs may be distributed as digital signals . 
Also, the present invention may be realized by a 

15 computer-readable storage medium, such as a floppy disk, a 
hard disk, a CD-ROM (Compact Disc-Read Only Memory) , an MO 
(Magneto-Optical) disc, a DVD (Digital Versatile Disc) , a 
DVD-ROM, a DVD-RAM, or a semiconductor memory, on which 
computer programs and/or digital signals mentioned above are 

20 recorded. Conversely, the present invention may also be 
realized by a computer program and/or digital signal that 
is recorded on a storage medium* 

Computer program or digital signals that achieve the 
present invention may also be transmitted via a network, such 

25 as an electric communication network, a wired or wireless 
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communication network, or the Internet. 

Also, the above embodiments of the present invention 
can be realized by a computer system that includes a 
microprocessor and a memory . In this case, a computer program 
5 can be stored in the memory, with the microprocessor operating 
in accordance with the computer program. 

The computer programs and/or digital signals may be 
provided on an independent computer system by distributing 
a storage medium on which the computer programs and/or digital 
10 signals are recorded, or by transmitting the computer programs 
and/or digital signals via a network. The independent 
computer may then execute the computer programs and/or digital 
signals to function as the present invention. 

(3) The limitations described in the embodiment and the 
15 modifications may be freely combined. 

Although the present invention has been fully described 
by way of examples with reference to the accompanying drawings , 
it is to be noted that various changes and modifications will 
20 be apparent to those skilled In the art. Therefore, unless 
such changes and modifications depart from the scope of the 
present invention, they should be construed as being included 
therein . 
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